Glass Class - What Is a CASB?
Hi and welcome to Glass Class. Today we're going to be talking about what is a cloud access security broker, or a CASB. So, in a typical enterprise environment today, we have a couple of big changes that are happening, and they're moving data outside the firewall.
First, we have organizations adopting a series of both managed and unmanaged cloud-based applications. At the same time, we have users' devices moving outside of corporate control. So, we still have those managed devices, laptops, smartphones, what have you, that we've had for years in the past, and we have an increasing amount of BYOD. So, when we have a user, let's say on a BYOD device, connecting over a public network to a cloud-based application like Office 365 or Dropbox, there's a big security and compliance concern that the firewall cannot solve.
So the way that a CASB works is it integrates with backend applications to sit between the user and whatever device they're connecting into, and the app itself. And it does that through a series of proxies and APIs. Proxies provide that connection between the user and the application itself and are able to protect data in real time. APIs integrate with the applications on the backend to scan and control data at rest. Once we have this infrastructure in place, there are a couple main functions around data and threat protection that a CASB can provide.
The first piece is data protection. This is inclusive of things like access control, so controlling managed versus unmanaged device access, location control, et cetera, data leakage prevention, encryption, and the like.
Threat protection – so threat helps solve and mitigate problems related to malware, credential compromise, a whole broad range of different types of threats that may be targeting enterprise applications in the cloud.
Identity – so, identity is really the cornerstone of the foundation of any strong security story, especially when you move to the cloud, where you have things not only integrating with identity on premises, but single sign-on, step-up multi-factor auth, et cetera.
The last piece is visibility. Visibility provides everything from very detailed, granular logging around how the users are using these applications in the cloud, to, more importantly, user behavior analytics and other types of insights into what's actually going on that may be security relevant in your enterprise.
So, you combine this architecture that intermediates connections between the user and the backend cloud application in a comprehensive set of security functions, and that is a cloud access security broker. Thanks for joining Glass Class.